44 matches found

NVD, added 2026/05/13 10:16 p.m. (8 views)

CVE-2026-44441

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.106.0 and 16.16.0, a malicious user could send a crafted request to an endpoint, which would lead to the server making an HTTP call to a service of the user's choice. This vulnerability is fixed in 15.106.0 and 16.16...

CVSS 5 | EPSS 0.00028
Exploits 0 | References 1
ATTACKERKB, added 2026/05/13 9:19 p.m. (3 views)

CVE-2026-44447

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.0, some endpoints were vulnerable to SQL injection through specially crafted requests, which would allow a malicious actor to extract sensitive information. This vulnerability is fixed in 16.9.0...

CVSS 8.8 | AI score 5.9 | EPSS 0.00069
Exploits 0 | References 2 | Affected software 1
EUVD, added 2026/05/13 9:14 p.m. (4 views)

EUVD-2026-30194

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.106.0 and 16.16.0, a malicious user could send a crafted request to an endpoint, which would lead to the server making an HTTP call to a service of the user's choice. This vulnerability is fixed in 15.106.0 and 16.16...

CVSS 5 | AI score 5.8 | EPSS 0.00028
Exploits 0 | References 1
EUVD, added 2026/05/13 9:12 p.m. (4 views)

EUVD-2026-30193

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.101.1 and 16.10.0, an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability on an endpoint allows an authenticated adjacent attacker to read arbitrary files. This vulnerability is...

CVSS 6.5 | AI score 5.9 | EPSS 0.00054
Exploits 0 | References 1
CNNVD, added 2026/05/13 12:00 a.m. (4 views)

ERPNext SQL injection vulnerability

ERPNext is a set of open-source enterprise resource planning solutions developed by the Indian company ERPNext. Versions prior to 15.104.3 and 16.14.0 of ERPNext contained SQL injection vulnerabilities. These vulnerabilities stemmed from certain endpoints being vulnerable to SQL injection attacks...

CVSS 8.8 | AI score 5.9 | EPSS 0.00067
Exploits 0 | References 1
Cvelist, added 2026/05/05 12:00 a.m. (31 views)

CVE-2026-38431

ERPNext v15.103.1 and before is vulnerable to Server-Side Template Injection (SSTI). An attacker with permission to create or edit email templates can inject template expressions that are executed on the server when the template is rendered...

EPSS 0.00059
Exploits 1 | References 1
EUVD, added 2026/02/03 12:00 a.m. (2 views)

EUVD-2025-206723

ERPNext through 15.88.1 does not sanitize or remove certain HTML tags, specifically hyperlinks, in fields that are intended for plain text. Although JavaScript is blocked, preventing XSS, the HTML is still preserved in the generated PDF document. As a result, an attacker can inject malicious clickable...

CVSS 6.1 | AI score 5.5 | EPSS 0.00014
Exploits 0 | References 1
RedhatCVE, added 2026/01/09 9:09 a.m. (5 views)

CVE-2019-20511

ERPNext 11.1.47 allows blog?blog_category= Frame Injection...

CVSS 6.1 | AI score 7 | EPSS 0.00328
Exploits 1 | References 1
RedhatCVE, added 2026/01/09 8:37 a.m. (8 views)

CVE-2019-20520

ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/method/ URI...

CVSS 7.4 | AI score 5.7 | EPSS 0.00344
Exploits 1 | References 1
RedhatCVE, added 2026/01/09 8:37 a.m. (6 views)

CVE-2019-20521

ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/ URI...

CVSS 7.4 | AI score 5.7 | EPSS 0.00344
Exploits 1 | References 1
RedhatCVE, added 2026/01/09 8:37 a.m. (2 views)

CVE-2019-20518

ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the project/ URI...

CVSS 7.4 | AI score 5.7 | EPSS 0.00344
Exploits 1 | References 1
EUVD, added 2025/12/15 6:30 p.m. (1 view)

EUVD-2025-203389

An SSTI (Server-Side Template Injection) vulnerability exists in the get_address_display method of Frappe ERPNext through 15.89.0. This function renders address templates using frappe.render_template with a context derived from the address_dict parameter, which can be either a dictionary or a string...

AI score 6.7 | EPSS 0.00122
Exploits 1 | References 3
OSV, added 2025/12/15 6:15 p.m. (1 view)

CVE-2025-66439

An issue was discovered in Frappe ERPNext through 15.89.0. Function get_outstanding_reference_documents at erpnext.accounts.doctype.payment_entry.payment_entry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the...

CVSS 8.8 | AI score 7.6
Exploits 0 | References 2
CNNVD, added 2025/12/15 12:00 a.m. (1 view)

ERPNext security vulnerability

ERPNext is an open source enterprise resource planning solution from ERPNext India. A security vulnerability exists in ERPNext 15.89.0 and earlier versions, which stems from the presence of server-side template injection in the get_contract_template method, which could lead to server-side code...

CVSS 4.3 | AI score 7.4 | EPSS 0.00069
Exploits 1 | References 3
CNNVD, added 2025/12/15 12:00 a.m. (2 views)

ERPNext security vulnerability

ERPNext is an open source enterprise resource planning solution from ERPNext India. A security vulnerability exists in ERPNext 15.89.0 and earlier versions, which stems from improper handling of the to_posting_date parameter in the get_outstanding_reference_documents function, which could lead to a SQ...

CVSS 9.8 | AI score 7.7 | EPSS 0.00048
Exploits 1 | References 3
CNNVD, added 2025/12/15 12:00 a.m. (1 view)

ERPNext security vulnerability

ERPNext is an open source enterprise resource planning solution from ERPNext India. A security vulnerability exists in ERPNext 15.89.0 and earlier versions, which stems from the presence of server-side template injection in the get_terms_and_conditions method, which could lead to server-side code...

CVSS 4.3 | AI score 7.6 | EPSS 0.00069
Exploits 1 | References 3
CNNVD, added 2025/12/15 12:00 a.m. (1 view)

ERPNext security vulnerability

ERPNext is an open source enterprise resource planning solution from ERPNext India. A security vulnerability exists in ERPNext 15.89.0 and earlier versions, which stems from the presence of server-side template injection in the get_dunning_letter_text method, which could lead to server-side code...

CVSS 8.8 | AI score 7.4 | EPSS 0.00122
Exploits 1 | References 3
CNNVD, added 2025/12/15 12:00 a.m. (2 views)

ERPNext security vulnerability

ERPNext is an open source enterprise resource planning solution from ERPNext India. A security vulnerability exists in ERPNext 15.89.0 and earlier versions, which stems from the presence of server-side template injection in the get_address_display method, which could lead to server-side code...

CVSS 8.8 | AI score 7.5 | EPSS 0.00122
Exploits 1 | References 3
CVE, added 2025/12/15 12:00 a.m. (6 views)

CVE-2025-66437

The connected sources confirm a Server-Side Template Injection (SSTI) in Frappe ERPNext up to version 15.89.0 via get_address_display, where address templates are rendered with a context from address_dict. Despite a custom Jinja2 Sandbox, get_safe_globals() exposes dangerous functions (e.g., frap...

CVSS 8.8 | AI score 6.8 | EPSS 0.00122
Exploits 1 | References 2 | Affected software 1
CVE, added 2025/12/15 12:00 a.m. (4 views)

CVE-2025-66440

CVE-2025-66440 affects Frappe ERPNext up to version 15.89.0. The issue occurs in get_outstanding_reference_documents() within payment_entry.py, where the to_posting_date parameter is directly interpolated into a SQL query without sanitization or parameter binding, enabling SQL injection. The resu...

CVSS 9.8 | AI score 7.3 | EPSS 0.00048
Exploits 1 | References 2 | Affected software 1